Stopped Brute Force attacks immediately

  • carolsteele

    (@carolsteele)


    7 years ago

    I installed Loginizer to record the number of Brute Force attacks my site was getting – it was growing rapidly. Just before I installed Better WordPress reCAPTCHA I received over 300 attempts to hack into my site. Unfortunately Loginizer doesn’t have reCapture as an option in the free version so I cast around for a plugin which would allow Google’s reCAPTCHA on the login page – and I found this plugin.
    After installing it, there has been no further attempts at brute force attacks.

Viewing 3 replies - 1 through 3 (of 3 total)

  • Carol, I too am being overwhelmed recently by huge numbers of brute force attacks. I had tried a captcha on login earlier, but it didn’t seem to help much…and it was a nuisance whenever I wanted to log in.

    Is your solution still working for you? If so, maybe I should try again. My other thought is to install one of the WP plugins designed to step these blessed attacks!

    Linda

    Thread Starter carolsteele

    (@carolsteele)

    Hi Irene,

    Yes, and I am really glad I persevered. Over one 24 hour period I had almost 5000 attempts to log-in. After this I considerably tightened up security – changed my login name to some random sequence characters and introduced a very complex 30 character password.
    Although I still get around 10 attempts per day, having Loginizer I can see the user-names they are trying and they are nowhere near, so I now just use the Loginizer standard values for lockout.
    During the period of high intensity attacks I did change the parameters in Loginizer for locking people out to allow just one failed attempt before lockout and it was that that swiftly led to a dropdown to present levels of attempts.
    You can set the recaptcha to remember you aand so login is not a problem. Another thing I did was to add another admin for the site with an equally complex username and password so that if I ever did lock myself out, I could always use the backup administrator to gain access to the backroom of the site.

    • This reply was modified 6 years, 9 months ago by carolsteele.

    Hi Carol,

    Thanks so much for your reply…helpful information. Sounds as if you’ve cut down dramatically on the attacks, which is what I’m trying to do. I really like that Loginizer can be set up to block repeat attempts to login. Your other great idea is to set up a “just in case” second admin…hadn’t thought of that.

    I’ll try a captcha again and see if I can figure out how to make it remember me. If it has to do with white listing my IP address, it will require more research on my (non technical) part!!

    Isn’t it frustrating that there are so many bad actors out there making our technological lives so difficult!

    Thanks again,

    Linda

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Stopped Brute Force attacks immediately’ is closed to new replies.